2619cbe458abc1b5676b88625891021b01d61c9c649df7ebe041fee46220a1cf | Triage

Sharing

General

Target

7bb829303d04a10d8cffb29bc9e81f18_JaffaCakes118
Size

14.1MB
Sample

240528-e86hlaeg6x
MD5

7bb829303d04a10d8cffb29bc9e81f18
SHA1

3ae1edf82dc1b36a3ae438a9c08ab5d89fa78862
SHA256

2619cbe458abc1b5676b88625891021b01d61c9c649df7ebe041fee46220a1cf
SHA512

3d04ecc813d61b71ceb40301f1ad865b929140586caf24ee2608324ecfb6eaab6952267dac53940fe7f3cf271870664ba0268ddefa398a93e8e1e8a1a1ad618d
SSDEEP

393216:tDgAgTSIYEZ+JVkZMMWlqbd5xFweYPR8SooD:qAhI5+XHlqDxFwrPR8SoK

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  vmixer.exe
- Size
  
  14.5MB
- MD5
  
  da2a344c0338220684308fa5f9b4c6cf
- SHA1
  
  3b0eb0e94606f9f1834a2241445d891abf1d3ac6
- SHA256
  
  fe341202c0bf771497542849387ff096823a03184ddc4cdadb72179673665e75
- SHA512
  
  c74bdd776d3cb2dd59755e6ecee6bdb65e7e6be753e1fb7731e309e97a9d1d922dd117b5a2392bae008a9e2ce8b92e0cc8099fe260c8c431fffe6bb87e65deb6
- SSDEEP
  
  393216:eVKCIfyGEeBw5VKXokQNGD51hXeqQpxEO0WO:VC/GhwHjNGvhXe/pxEO0J
Score

8^/10

persistence
- Sets service image path in registry
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2